summaryrefslogtreecommitdiffstats
path: root/Documentation/devicetree/bindings/tpm
diff options
context:
space:
mode:
authorDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-18 18:50:03 +0000
committerDaniel Baumann <daniel.baumann@progress-linux.org>2024-05-18 18:50:03 +0000
commit01a69402cf9d38ff180345d55c2ee51c7e89fbc7 (patch)
treeb406c5242a088c4f59c6e4b719b783f43aca6ae9 /Documentation/devicetree/bindings/tpm
parentAdding upstream version 6.7.12. (diff)
downloadlinux-01a69402cf9d38ff180345d55c2ee51c7e89fbc7.tar.xz
linux-01a69402cf9d38ff180345d55c2ee51c7e89fbc7.zip
Adding upstream version 6.8.9.upstream/6.8.9
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'Documentation/devicetree/bindings/tpm')
-rw-r--r--Documentation/devicetree/bindings/tpm/google,cr50.yaml65
-rw-r--r--Documentation/devicetree/bindings/tpm/ibm,vtpm.yaml104
-rw-r--r--Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml47
-rw-r--r--Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml90
-rw-r--r--Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml49
-rw-r--r--Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml75
-rw-r--r--Documentation/devicetree/bindings/tpm/tpm-common.yaml87
7 files changed, 517 insertions, 0 deletions
diff --git a/Documentation/devicetree/bindings/tpm/google,cr50.yaml b/Documentation/devicetree/bindings/tpm/google,cr50.yaml
new file mode 100644
index 0000000000..9302e12e9f
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/google,cr50.yaml
@@ -0,0 +1,65 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/google,cr50.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: Google Security Chip H1 (running Cr50 firmware)
+
+maintainers:
+ - Andrey Pronin <apronin@chromium.org>
+
+description: |
+ Google has designed a family of security chips called "Titan".
+ One member is the H1 built into Chromebooks and running Cr50 firmware:
+ https://www.osfc.io/2018/talks/google-secure-microcontroller-and-ccd-closed-case-debugging/
+
+ The chip provides several functions, including TPM 2.0 like functionality.
+ It communicates over SPI or I²C using the FIFO protocol described in the
+ TCG PC Client Platform TPM Profile Specification for TPM 2.0 (PTP), sec 6:
+ https://trustedcomputinggroup.org/resource/pc-client-platform-tpm-profile-ptp-specification/
+
+properties:
+ compatible:
+ const: google,cr50
+
+allOf:
+ - $ref: tpm-common.yaml#
+
+anyOf:
+ - $ref: /schemas/spi/spi-peripheral-props.yaml#
+ - $ref: tcg,tpm-tis-i2c.yaml#/properties/reg
+
+required:
+ - compatible
+ - reg
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ spi {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@0 {
+ reg = <0>;
+ compatible = "google,cr50";
+ spi-max-frequency = <800000>;
+ };
+ };
+
+ - |
+ #include <dt-bindings/interrupt-controller/irq.h>
+ i2c {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@50 {
+ compatible = "google,cr50";
+ reg = <0x50>;
+ interrupts-extended = <&pio 88 IRQ_TYPE_EDGE_FALLING>;
+ pinctrl-names = "default";
+ pinctrl-0 = <&cr50_int>;
+ };
+ };
diff --git a/Documentation/devicetree/bindings/tpm/ibm,vtpm.yaml b/Documentation/devicetree/bindings/tpm/ibm,vtpm.yaml
new file mode 100644
index 0000000000..50a3fd3124
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/ibm,vtpm.yaml
@@ -0,0 +1,104 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/ibm,vtpm.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: IBM Virtual Trusted Platform Module (vTPM)
+
+maintainers:
+ - Nayna Jain <nayna@linux.ibm.com>
+
+description: |
+ Virtual TPM is used on IBM POWER7+ and POWER8 systems running POWERVM.
+ It is supported through the adjunct partition with firmware release 740
+ or higher. With vTPM support, each lpar is able to have its own vTPM
+ without the physical TPM hardware. The TPM functionality is provided by
+ communicating with the vTPM adjunct partition through Hypervisor calls
+ (Hcalls) and Command/Response Queue (CRQ) commands.
+
+properties:
+ compatible:
+ enum:
+ - IBM,vtpm
+ - IBM,vtpm20
+
+ device_type:
+ description:
+ type of virtual device
+ enum:
+ - IBM,vtpm
+ - IBM,vtpm20
+
+ reg:
+ maxItems: 1
+
+ 'ibm,#dma-address-cells':
+ description:
+ number of cells that are used to encode the physical address field of
+ dma-window properties
+ $ref: /schemas/types.yaml#/definitions/uint32-array
+
+ 'ibm,#dma-size-cells':
+ description:
+ number of cells that are used to encode the size field of
+ dma-window properties
+ $ref: /schemas/types.yaml#/definitions/uint32-array
+
+ ibm,my-dma-window:
+ description:
+ DMA window associated with this virtual I/O Adapter
+ $ref: /schemas/types.yaml#/definitions/uint32-array
+ minItems: 5
+ maxItems: 5
+
+ ibm,my-drc-index:
+ description:
+ integer index for the connector between the device and its parent;
+ present only if Dynamic Reconfiguration (DR) Connector is enabled
+ $ref: /schemas/types.yaml#/definitions/uint32
+
+ ibm,loc-code:
+ description:
+ unique and persistent location code associated with this virtual
+ I/O Adapter
+ $ref: /schemas/types.yaml#/definitions/string
+
+required:
+ - compatible
+ - device_type
+ - reg
+ - interrupts
+ - ibm,#dma-address-cells
+ - ibm,#dma-size-cells
+ - ibm,my-dma-window
+ - ibm,my-drc-index
+ - ibm,loc-code
+ - linux,sml-base
+ - linux,sml-size
+
+allOf:
+ - $ref: tpm-common.yaml#
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ soc {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@30000003 {
+ compatible = "IBM,vtpm";
+ device_type = "IBM,vtpm";
+ reg = <0x30000003>;
+ interrupts = <0xa0003 0x0>;
+ ibm,#dma-address-cells = <0x2>;
+ ibm,#dma-size-cells = <0x2>;
+ ibm,my-dma-window = <0x10000003 0x0 0x0 0x0 0x10000000>;
+ ibm,my-drc-index = <0x30000003>;
+ ibm,loc-code = "U8286.41A.10082DV-V3-C3";
+ linux,sml-base = <0xc60e 0x0>;
+ linux,sml-size = <0xbce10200>;
+ };
+ };
diff --git a/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml b/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml
new file mode 100644
index 0000000000..fdb81968f0
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/microsoft,ftpm.yaml
@@ -0,0 +1,47 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/microsoft,ftpm.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: Microsoft firmware-based Trusted Platform Module (fTPM)
+
+maintainers:
+ - Thirupathaiah Annapureddy <thiruan@microsoft.com>
+ - Sasha Levin <sashal@kernel.org>
+
+description: |
+ Commodity CPU architectures, such as ARM and Intel CPUs, have started to
+ offer trusted computing features in their CPUs aimed at displacing dedicated
+ trusted hardware. Unfortunately, these CPU architectures raise serious
+ challenges to building trusted systems because they omit providing secure
+ resources outside the CPU perimeter.
+
+ Microsoft's firmware-based TPM 2.0 (fTPM) leverages ARM TrustZone to overcome
+ these challenges and provide software with security guarantees similar to
+ those of dedicated trusted hardware.
+
+ https://www.microsoft.com/en-us/research/publication/ftpm-software-implementation-tpm-chip/
+ https://github.com/Microsoft/ms-tpm-20-ref/tree/main/Samples/ARM32-FirmwareTPM
+
+properties:
+ compatible:
+ const: microsoft,ftpm
+
+required:
+ - compatible
+ - linux,sml-base
+ - linux,sml-size
+
+allOf:
+ - $ref: tpm-common.yaml#
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ tpm {
+ compatible = "microsoft,ftpm";
+ linux,sml-base = <0x0 0xc0000000>;
+ linux,sml-size = <0x10000>;
+ };
diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml
new file mode 100644
index 0000000000..3ab4434b73
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-i2c.yaml
@@ -0,0 +1,90 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/tcg,tpm-tis-i2c.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: I²C-attached Trusted Platform Module conforming to TCG TIS specification
+
+maintainers:
+ - Lukas Wunner <lukas@wunner.de>
+
+description: |
+ The Trusted Computing Group (TCG) has defined a multi-vendor standard
+ for accessing a TPM chip. It can be transported over various buses,
+ one of them being I²C. The standard is named:
+ TCG PC Client Specific TPM Interface Specification (TIS)
+ https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
+
+ The I²C interface was not originally part of the standard, but added
+ in 2017 with a separate document:
+ TCG PC Client Platform TPM Profile Specification for TPM 2.0 (PTP)
+ https://trustedcomputinggroup.org/resource/pc-client-platform-tpm-profile-ptp-specification/
+
+ Recent TPM 2.0 chips conform to this generic interface, others use a
+ vendor-specific I²C interface.
+
+properties:
+ compatible:
+ oneOf:
+ - description: Generic TPM 2.0 chips conforming to TCG PTP interface
+ items:
+ - enum:
+ - infineon,slb9673
+ - nuvoton,npct75x
+ - const: tcg,tpm-tis-i2c
+
+ - description: TPM 1.2 and 2.0 chips with vendor-specific I²C interface
+ items:
+ - enum:
+ - atmel,at97sc3204t # TPM 1.2
+ - infineon,slb9635tt # TPM 1.2 (maximum 100 kHz)
+ - infineon,slb9645tt # TPM 1.2 (maximum 400 kHz)
+ - infineon,tpm_i2c_infineon # TPM 1.2
+ - nuvoton,npct501 # TPM 1.2
+ - nuvoton,npct601 # TPM 2.0
+ - st,st33zp24-i2c # TPM 2.0
+ - winbond,wpct301 # TPM 1.2
+
+ reg:
+ description: address of TPM on the I²C bus
+
+allOf:
+ - $ref: tpm-common.yaml#
+
+required:
+ - compatible
+ - reg
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ i2c {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@57 {
+ label = "tpm";
+ compatible = "nuvoton,npct601";
+ reg = <0x57>;
+ linux,sml-base = <0x7f 0xfd450000>;
+ linux,sml-size = <0x10000>;
+ };
+ };
+
+ - |
+ #include <dt-bindings/gpio/gpio.h>
+ #include <dt-bindings/interrupt-controller/irq.h>
+ i2c {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@13 {
+ reg = <0x13>;
+ compatible = "st,st33zp24-i2c";
+ interrupt-parent = <&gpio5>;
+ interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;
+ lpcpd-gpios = <&gpio5 15 GPIO_ACTIVE_HIGH>;
+ };
+ };
diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml
new file mode 100644
index 0000000000..87bce06921
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/tcg,tpm-tis-mmio.yaml
@@ -0,0 +1,49 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/tcg,tpm-tis-mmio.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: MMIO-accessed Trusted Platform Module conforming to TCG TIS specification
+
+maintainers:
+ - Lukas Wunner <lukas@wunner.de>
+
+description: |
+ The Trusted Computing Group (TCG) has defined a multi-vendor standard
+ for accessing a TPM chip. It can be transported over various buses,
+ one of them being LPC (via MMIO). The standard is named:
+ TCG PC Client Specific TPM Interface Specification (TIS)
+ https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
+
+properties:
+ compatible:
+ items:
+ - enum:
+ - at97sc3201
+ - atmel,at97sc3204
+ - socionext,synquacer-tpm-mmio
+ - const: tcg,tpm-tis-mmio
+
+ reg:
+ description:
+ location and length of the MMIO registers, length should be
+ at least 0x5000 bytes
+
+allOf:
+ - $ref: tpm-common.yaml#
+
+required:
+ - compatible
+ - reg
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ tpm@90000 {
+ compatible = "atmel,at97sc3204", "tcg,tpm-tis-mmio";
+ reg = <0x90000 0x5000>;
+ interrupt-parent = <&EIC0>;
+ interrupts = <1 2>;
+ };
diff --git a/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml b/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml
new file mode 100644
index 0000000000..c3413b47ac
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/tcg,tpm_tis-spi.yaml
@@ -0,0 +1,75 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/tcg,tpm_tis-spi.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: SPI-attached Trusted Platform Module conforming to TCG TIS specification
+
+maintainers:
+ - Lukas Wunner <lukas@wunner.de>
+
+description: |
+ The Trusted Computing Group (TCG) has defined a multi-vendor standard
+ for accessing a TPM chip. It can be transported over various buses,
+ one of them being SPI. The standard is named:
+ TCG PC Client Specific TPM Interface Specification (TIS)
+ https://trustedcomputinggroup.org/resource/pc-client-work-group-pc-client-specific-tpm-interface-specification-tis/
+
+properties:
+ compatible:
+ items:
+ - enum:
+ - infineon,slb9670
+ - st,st33htpm-spi
+ - st,st33zp24-spi
+ - const: tcg,tpm_tis-spi
+
+allOf:
+ - $ref: tpm-common.yaml#
+ - $ref: /schemas/spi/spi-peripheral-props.yaml#
+ - if:
+ properties:
+ compatible:
+ contains:
+ const: st,st33zp24-spi
+ then:
+ properties:
+ spi-max-frequency:
+ maximum: 10000000
+
+required:
+ - compatible
+ - reg
+
+unevaluatedProperties: false
+
+examples:
+ - |
+ spi {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@0 {
+ reg = <0>;
+ compatible = "infineon,slb9670", "tcg,tpm_tis-spi";
+ spi-max-frequency = <10000000>;
+ };
+ };
+
+ - |
+ #include <dt-bindings/gpio/gpio.h>
+ #include <dt-bindings/interrupt-controller/irq.h>
+ spi {
+ #address-cells = <1>;
+ #size-cells = <0>;
+
+ tpm@0 {
+ reg = <0>;
+ compatible = "st,st33zp24-spi", "tcg,tpm_tis-spi";
+ spi-max-frequency = <10000000>;
+ interrupt-parent = <&gpio5>;
+ interrupts = <7 IRQ_TYPE_LEVEL_HIGH>;
+ lpcpd-gpios = <&gpio5 15 GPIO_ACTIVE_HIGH>;
+ };
+ };
diff --git a/Documentation/devicetree/bindings/tpm/tpm-common.yaml b/Documentation/devicetree/bindings/tpm/tpm-common.yaml
new file mode 100644
index 0000000000..3c1241b2a4
--- /dev/null
+++ b/Documentation/devicetree/bindings/tpm/tpm-common.yaml
@@ -0,0 +1,87 @@
+# SPDX-License-Identifier: (GPL-2.0-only OR BSD-2-Clause)
+%YAML 1.2
+---
+$id: http://devicetree.org/schemas/tpm/tpm-common.yaml#
+$schema: http://devicetree.org/meta-schemas/core.yaml#
+
+title: Trusted Platform Module common properties
+
+maintainers:
+ - Lukas Wunner <lukas@wunner.de>
+
+properties:
+ $nodename:
+ pattern: '^tpm(@[0-9a-f]+)?$'
+
+ interrupts:
+ description: indicates command completion
+ maxItems: 1
+
+ label:
+ description: human readable string describing the device, e.g. "tpm"
+
+ linux,sml-base:
+ description:
+ base address of reserved memory allocated for firmware event log
+ $ref: /schemas/types.yaml#/definitions/uint64
+
+ linux,sml-size:
+ description:
+ size of reserved memory allocated for firmware event log
+ $ref: /schemas/types.yaml#/definitions/uint32
+
+ memory-region:
+ description: reserved memory allocated for firmware event log
+ maxItems: 1
+
+ powered-while-suspended:
+ description:
+ present when the TPM is left powered on between suspend and resume
+ (makes the suspend/resume callbacks do nothing)
+ type: boolean
+
+ resets:
+ description: Reset controller to reset the TPM
+ maxItems: 1
+
+ reset-gpios:
+ description: Output GPIO pin to reset the TPM
+ maxItems: 1
+
+# must always have both linux,sml-base and linux,sml-size
+dependentRequired:
+ linux,sml-base: ['linux,sml-size']
+ linux,sml-size: ['linux,sml-base']
+
+# must only have either memory-region or linux,sml-base
+# as well as either resets or reset-gpios
+dependentSchemas:
+ memory-region:
+ properties:
+ linux,sml-base: false
+ linux,sml-base:
+ properties:
+ memory-region: false
+ resets:
+ properties:
+ reset-gpios: false
+ reset-gpios:
+ properties:
+ resets: false
+
+allOf:
+ - if:
+ properties:
+ compatible:
+ contains:
+ pattern: '^st,st33zp24'
+ then:
+ properties:
+ lpcpd-gpios:
+ description:
+ Output GPIO pin used for ST33ZP24 power management of D1/D2 state.
+ If set, power must be present when the platform is going into
+ sleep/hibernate mode.
+ maxItems: 1
+
+additionalProperties: true